Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix possible XSS bug in help dialog
  • Loading branch information
ElijahFowler committed Sep 6, 2017
1 parent 8134221 commit 5ea8129
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions Web/Help.aspx.cs
@@ -1,8 +1,9 @@
using System;
using System.Web.UI;
using mojoPortal.Business.WebHelpers;
using mojoPortal.Web.Framework;
using Resources;
using System;
using System.Web;
using System.Web.UI;

namespace mojoPortal.Web.UI.Pages
{
Expand Down Expand Up @@ -61,7 +62,7 @@ protected void ShowHelp()
Resource.HelpNoHelpAvailable;
}

litHelp.Text = helpText;
litHelp.Text = HttpUtility.HtmlDecode(SecurityHelper.RemoveMarkup(helpText));
}
}
}
}

0 comments on commit 5ea8129

Please sign in to comment.